Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gQUyvNyPyQtIvLiMwXsY3dKegUg.roa
File: gQUyvNyPyQtIvLiMwXsY3dKegUg.roa (raw, json)
Hash identifier: 7/byFeuXeR1AhvGxM6qbXX05A84Wnn/BHsqcdpK5rcY=
Subject key identifier: 81:05:32:BC:DC:8F:C9:0B:48:BC:B8:8C:C1:7B:18:DD:D2:9E:81:48
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3472
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gQUyvNyPyQtIvLiMwXsY3dKegUg.roa
Signing time: Fri 29 Mar 2024 12:22:13 +0000
ROA not before: Fri 29 Mar 2024 12:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13426 (0x3472)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 12:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=810532BCDC8FC90B48BCB88CC17B18DDD29E8148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:81:7a:c1:76:0f:61:7d:1b:39:3f:14:d6:f4:
ae:7a:00:ce:57:15:ff:91:be:22:bc:e4:1b:e7:63:
48:15:03:5e:06:0b:4f:94:1b:9d:b7:23:7b:bb:66:
25:be:14:9d:cf:58:cc:f2:f8:15:10:71:a1:93:6c:
d2:cb:9f:b8:ec:7d:3e:1b:c2:10:bc:55:e5:90:79:
58:1d:e2:e3:cc:61:2f:4c:9c:57:b3:55:94:2c:d1:
5a:0d:af:2e:99:ea:7b:77:10:2e:d9:be:7a:d4:d8:
b3:03:9a:f9:a8:62:cb:94:84:51:78:f6:36:75:ba:
73:0c:25:a9:63:b7:32:99:dd:0f:0c:df:54:d0:ee:
a8:65:0f:30:6f:ce:2b:8c:e7:f3:a9:45:f0:dc:55:
23:c8:60:fc:52:f4:47:df:46:db:a0:ae:f1:f4:b3:
a5:51:d2:75:c5:04:19:4d:4d:53:1d:9e:6c:e7:6e:
6d:5b:46:90:81:8d:c1:a2:bb:c8:38:cf:3d:78:1b:
30:db:b8:4c:3f:b5:f7:6c:6b:3e:3a:90:c2:b8:37:
3d:11:d5:92:a2:96:dd:06:c0:e8:dd:af:32:dc:81:
24:06:b9:4a:56:f3:35:44:b8:14:f1:3e:dd:9b:97:
f3:78:5d:7f:96:46:17:56:ef:d2:16:b8:03:e5:51:
85:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:05:32:BC:DC:8F:C9:0B:48:BC:B8:8C:C1:7B:18:DD:D2:9E:81:48
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gQUyvNyPyQtIvLiMwXsY3dKegUg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:01:39:72:7f:36:a2:c8:36:d0:ef:66:b1:2a:03:3a:91:bf:
42:b6:ee:13:fb:ae:c9:ec:31:55:72:d8:be:57:58:87:ca:4c:
19:8d:0e:20:a3:cb:cc:09:de:77:8c:3b:ac:e8:ba:d0:37:6e:
ad:56:d0:43:1e:22:2e:ad:1e:52:96:65:80:e1:74:86:9a:d1:
d6:de:75:17:bb:3b:be:55:29:c9:dc:25:82:c2:c2:ff:ab:7b:
4a:7d:44:59:aa:d2:c3:e1:b4:03:85:23:3a:3e:d6:a9:a8:ab:
88:67:9d:ad:6b:38:69:7f:61:0f:af:b1:8e:a4:14:2b:f3:e6:
5a:37:1f:a0:24:29:10:db:dc:0a:f9:44:4c:f7:84:0a:0e:9f:
db:e8:45:d8:84:13:66:e1:76:95:e8:23:cd:7c:19:54:0b:57:
ef:5c:a1:49:1f:10:8d:81:39:d4:d3:f1:fd:7f:0f:71:15:5b:
72:5a:ae:98:21:4b:8f:ce:0f:51:da:36:8f:ff:4a:58:8f:0e:
5e:91:58:30:9f:f3:7c:ff:35:7b:7e:70:82:73:64:11:d8:03:
29:7c:90:6f:f0:fc:34:98:92:d2:d0:fe:77:68:f5:41:44:d3:
53:08:5d:7a:ea:23:82:84:9e:e2:45:a6:e3:6f:87:73:69:63:
c6:6c:59:c3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
MjIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgxMDUzMkJDREM4RkM5
MEI0OEJDQjg4Q0MxN0IxOERERDI5RTgxNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4gXrBdg9hfRs5PxTW9K56AM5XFf+RviK85BvnY0gVA14GC0+U
G523I3u7ZiW+FJ3PWMzy+BUQcaGTbNLLn7jsfT4bwhC8VeWQeVgd4uPMYS9MnFez
VZQs0VoNry6Z6nt3EC7ZvnrU2LMDmvmoYsuUhFF49jZ1unMMJaljtzKZ3Q8M31TQ
7qhlDzBvziuM5/OpRfDcVSPIYPxS9EffRtugrvH0s6VR0nXFBBlNTVMdnmznbm1b
RpCBjcGiu8g4zz14GzDbuEw/tfdsaz46kMK4Nz0R1ZKilt0GwOjdrzLcgSQGuUpW
8zVEuBTxPt2bl/N4XX+WRhdW79IWuAPlUYX3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUgQUyvNyPyQtIvLiMwXsY3dKegUgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2dRVXl2TnlQeVF0SXZM
aU13WHNZM2RLZWdVZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEArgE5cn82osg20O9msSoDOpG/QrbuE/uu
yewxVXLYvldYh8pMGY0OIKPLzAned4w7rOi60DdurVbQQx4iLq0eUpZlgOF0hprR
1t51F7s7vlUpydwlgsLC/6t7Sn1EWarSw+G0A4UjOj7WqairiGedrWs4aX9hD6+x
jqQUK/PmWjcfoCQpENvcCvlETPeECg6f2+hF2IQTZuF2legjzXwZVAtX71yhSR8Q
jYE51NPx/X8PcRVbclqumCFLj84PUdo2j/9KWI8OXpFYMJ/zfP81e35wgnNkEdgD
KXyQb/D8NJiS0tD+d2j1QUTTUwhdeuojgoSe4kWm42+Hc2ljxmxZww==
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:27:12 2025 by rpki-client